<?php

#TODO: fix potential path issues

include('config.php');

# Bas van der Graaf (bvdgraaf@e-dynamics.nl): Make sure JS is only included once when securing multiple forms with cfformprotect.
if(!$weHavePHPfpjs) {
	echo "<script type='text/javascript' src='js/phpfp.js'></script>";
}

# check the config to see if each test is turned on
if($phpfpConfig['mouseMovement']) {
	# If the user moves their mouse, put the distance in this field (JavaScript function handles this).
	# verify.php will make sure the user at least used their keyboard. A spam bot won't trigger this

	echo '<input id="fp'.uniqid().'" type="hidden" name="formfield1234567891" class="phpfp_mm" value="" />';
}

if($phpfpConfig['usedKeyboard']) {
	# If the types on their keyboard, put the amount of keys pressed in this field.
	# verify.php will make sure the user at least used their keyboard. A spam bot won't trigger this

	echo '<input id="fp'.uniqid().'" type="hidden" name="formfield1234567892" class="phpfp_kp" value="" />';
}

if($phpfpConfig['timedFormSubmission']) {
	# in verify.php I will verify that the amount of time it took to
	# fill out this form is 'normal' (the time limits are set in the ini file)

	# get the current time, obfuscate it and load it to this hidden field
	$currentDate=date('ymd');
	$currentTime=date('His');

	# Add an arbitrary number to the date/time values to mask them from prying eyes
	$blurredDate=$currentDate+19740206;
	$blurredTime=$currentTime+19740206;

	echo '<input id="fp'.uniqid().'" type="hidden" name="formfield1234567893" value="'.$blurredDate.','.$blurredTime.'" />';
}

if($phpfpConfig['hiddenFormField']) {
	# A lot of spam bots automatically fill in all form fields.  verify.php will
	# test to see if this field is blank. The "leave this empty" text is there for blind people,
	# who might see this hidden field

	echo '<span style="display:none">Leave this field empty <input id="fp'.uniqid().'" type="text" name="formfield1234567894" value="" /></span>';
}

$weHavePHPfpjs=true;
?>
